The Federal Trade Commission has, for the first time ever, banned a company and its CEO from the surveillance business in the U.S. Stalkerware service provider company SpyFone and its CEO, Scott Zuckerman, were banned for allegedly harvesting and sharing data through a hidden backdoor.
Several companies that use the OpenSSL cryptography library toolkit are reportedly scrambling and releasing security advisories to their users following patching of two vulnerabilities that were first fixed and disclosed to users on Aug. 24.
Microsoft is warning of a "widespread" phishing campaign in which fraudsters use open redirect links to lure users to malicious websites to harvest Office 365 and other credentials, according to a recent report. In some cases, the attackers deploy a malicious CAPTCHA verification page.
Researchers at The Citizen Lab at the University of Toronto say they've found a new zero-click iMessage exploit that's been used by the government of Bahrain to install the NSO Group's Pegasus spyware on the devices of human rights and political activists.
The Cybersecurity and Infrastructure Security Agency is warning organizations to immediately patch the ProxyShell vulnerabilities in Microsoft Exchange email servers because security researchers say ransomware gangs are exploiting these flaws.
Israel-based digital intelligence company Cellebrite is halting sales to Bangladesh, citing human rights concerns. The move comes after the U.N. on Friday called for a moratorium on the sale of "life-threatening" surveillance technology, singling out Israel's NSO Group for criticism.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
Taiwan-based network-attached storage device manufacturer Synology says the StealthWorker botnet is targeting its products with brute force attacks that could lead to ransomware intrusions.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.